Improving the Security of Scan Path Test using Differential Chains

In this paper we present a new scan-path structure in order to improve the security of systems including a scan-path, which normally introduces a security critical information channel into a design. With this new structure we maintain testability as in a scan design and security like in a design without scan path. The structure, named differential scan-path (DiSP), divides the internal state of the scan-path in two sections. During shifting out, only the subtraction of the two sections is provided. The discovery of the internal state from this subtraction requires a guesswork effort that exponentially increases with the length of the scan-path. The subtraction doesn’t preserve parity, which is a property sometimes used during attacks. The output subtraction can’t be reverted and hence it is not possible to restore the internal state of the chip from the output. The structure is simple, it needs little area and it doesn’t require unlocking keys.     «

In this paper we present a new scan-path structure in order to improve the security of systems including a scan-path, which normally introduces a security critical information channel into a design. With this new structure we maintain testability as in a scan design and security like in a design without scan path. The structure, named differential scan-path (DiSP), divides the internal state of the scan-path in two sections. During shifting out, only the subtraction of the two sections is provi...     »